How to remove a malware from the time machine backup?

I hate to tell you this, but the new OS versions place your OS and all of its system files in a read-only, otherwise nonaccessible volume on your drive. That means neither you nor anyone or anything else has access to write to it. So, why bother paying for or installing anything that, if it were to actually do what it is supposed to do, is unable to do so?

https://support.apple.com/en-us/HT210650

https://manuals.info.apple.com/MANUALS/1000/MA1976/en_US/device-and-data-access-when-personal-safety-is-at-risk.pdf

https://developer.apple.com/news/?id=3xpv8r2m

So, exactly where is that "malware" located? Can you post the file path to it? And what is it (name)?

including compliance with European GDPR rules which govern how long personal data can be kept.

Nice try there, but it doesn't wash. You decide how long a back up is kept, no one else. Just you. Further, you decide to use Time Machine and not some other back up routine. Again, down to you. And that's not what GDPR means. A business can keep information on customers quite legitimately for years, even after the end of the business relationship. Audit, and all that.

I am not qualified to discuss the legal issues. The way Time works Machine is clear: backups are kept while space allows. You can use exclusions to NOT backup specific folders. Store any data that you need to delete in an excluded folder, and back it up some other way, or forego Time Machine altogether and i

use a different method.

electrician1982 wrote:

The fact is, not being able to delete a file from an archive is nonsense.

Time Machine is a backup system, not an archive. Given enough time, all files will eventually be deleted from a Time Machine backup.

There could be many legitimate reasons to do so, including compliance with European GDPR rules which govern how long personal data can be kept.

The GDPR has nothing to do with the functionality of Apple's consumer-level backup solution. If you were hosting personal information from other people and backing it up to Time Machine, then you might be breaking the law. But that would be your problem, not Apple's.

electrician1982 wrote:

A simple mailing list must be deleted once it has been used.

I think you need better legal advice about GDPR. If a simple mailing list must be deleted, that must also mean you have to delete all traces of anyone's email address who was on that list. So all your emails, Sent email boxes, etc. must be purged of any trace of the email addresses? What about emails on an email provider's server? Or that the email provider backed up somewhere else?

Who decides when a "business relationship" has ended?

What about local snapshots that the MacOS makes? What about caches, many of which are hidden from easy user access? Some caches are created by Apps, some by the MacOS. That data is inside all of those. How do you delete the email address from those?

Note that Windows also provides a method to restore your machine to the way it was some time ago in the past. Which includes old mailing lists, emails sent and received, etc. Are all those Windows machines in violation too? Because the personal info is stored in those snapshots too? Every single Mac and Windows machine must pay 10 million Euros fines? Each? For each violation?

Leroy - can I just say you are absolutely brilliant. When people come onto ASP forums because they've encountered something a bit wrong, they are often scared and hyper vigilant. This of course means they are jumping at shadows.

You are so good at listening and responding to people's concerns. It's much more helpful than some other approaches.

I've had a similar issue. I've had some things go wrong, and then started to, well, leap at shadows. But that's kinda what happens when you are a bit scared and you (as in me) has limited technical knowledge and so forth.

I really, really, really appreciate the calm and methodical approach you take in these circumstances.

I just wanted to say I think you are absolutely brilliant and should be very proud.

I'm genuinely very thankful.

And you have a name that reminds me of Bugsy Malone!

Look everyone seems to be making wild statements about the GDPR here. It's a complex regime and doesn't seem that relevant to this discussion. The GDPR of course has implications for Apple's consumer-level backup solution - and they comply with those rules very well.

Edit ** Luis and Steve are spot on, if you (OP) does think there is an issue here, you need legal advice, rather than technical advice.

electrician1982 wrote:

I just have one comment to people. Don’t be so aggressive. I asked an innocent and legitimate question about the functionality of a piece of apple software just to be met with a tirade on the pros and cons (none it seems) of malware detection software - completely irrelevant to my question and not any opinion I sought.

In fact, you were the one that repeatedly steered this thread towards the tangents of the crazy behaviour of your antivirus software and the GDPR.

Note that you should have received notifications from Apple Support Communities for replies to this thread. Those notifications would contain my protected personal information and are now stored on your computer and on your backup. At this time I am formally notifying you of my request to be forgotten under the terms of the GDPR. Please delete your e-mail accounts and your backup. Thanks in advance.

Guys nothing would excite the law nerd in me more than to embark on a detailed analysis of the GDPR and how you balance the rights and obligations of a number of parties and entities. But this is not the place for it.

I suggest you review https://www.apple.com/legal/privacy/en-ww/governance/ and contact your ICO or equivalent office, if you have concerns.

It's not a technical question, let alone a simple legal one.

I mean I am so so tempted to discuss the complexities of the question. But this is a technical support forum.

So yeah its a big no to the OP. Yes, GDPR will broadly apply to cloud based backups, but there are no rights being infringed. You (the OP) can request your data (portability and all that) and get it.

So yeah. A non starter it seems.

Perhaps an analogy helps here. I rent a storage shed and store my mattress there. It is mine and I have the right to have it returned to me. But lets say it had a few bed bugs in it when I stored it. My right to the mattress isn't a right to demand the storage company removes all the bed bugs first.

Feel free to delete this comment because this is really not the point of this forum. The relevant GDPR issues seem to be portability and data protection principle 6. But they don't justify the OP claim.

Sorry I just am so bored obviously. I wont be offended if you delete this at all. Just if anyone was interested in why it's not an issue - that's my reading of it.

As an additional thought: discussing the legal ramifications on any issue here is way beyond the scope of these forums as they are supposed to be technical questions and answers forums on how to work your device. Anything beyond that should be addressed with Apple since we are simply other end users here and not qualified to argue legal points.

Is it not possible to turn that garbage off?